[PermissionService] Remove IsCurrentUserAuthorized redundancies#3838

imnasnainaec · 2025-06-03T15:36:09Z

This change is

codecov · 2025-06-03T15:41:30Z

Codecov Report

Attention: Patch coverage is 42.85714% with 4 lines in your changes missing coverage. Please review.

Project coverage is 73.20%. Comparing base (d3fd57d) to head (1c22da0).
Report is 1 commits behind head on master.

Files with missing lines	Patch %	Lines
Backend/Services/PermissionService.cs	42.85%	0 Missing and 4 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #3838      +/-   ##
==========================================
+ Coverage   65.87%   73.20%   +7.33%     
==========================================
  Files         235      286      +51     
  Lines        6033    10751    +4718     
  Branches      753     1341     +588     
==========================================
+ Hits         3974     7870    +3896     
- Misses       1815     2483     +668     
- Partials      244      398     +154

Flag	Coverage Δ
backend	`82.57% <42.85%> (?)`
frontend	`65.87% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

hahn-kev · 2025-06-05T03:30:02Z

Backend/Services/PermissionService.cs

        {
-            var currentUserId = GetUserId(request);
-            return userId == currentUserId;
+            return userId == GetUserId(request);


As this is right now if both of these strings were empty this would return true. Not sure why that would be the case but it would probably be a bug or error and this should return false in that case.

hahn-kev

the changes look good to me, I'm concerned with some of the ways security is being handled right now but that's not in scope of this PR as you're not really changing anything.

imnasnainaec · 2025-06-05T13:38:11Z

the changes look good to me, I'm concerned with some of the ways security is being handled right now but that's not in scope of this PR as you're not really changing anything.

@hahn-kev Do tell me more. I'd be glad to improve the security in another pr.

imnasnainaec

Reviewable status: 0 of 1 files reviewed, 1 unresolved discussion (waiting on @hahn-kev and @imnasnainaec)

imnasnainaec · 2025-06-05T13:46:58Z

Backend/Services/PermissionService.cs

        {
-            var currentUserId = GetUserId(request);
-            return userId == currentUserId;
+            return userId == GetUserId(request);


[PermissionService] Clean up

be0b68c

imnasnainaec self-assigned this Jun 3, 2025

imnasnainaec added backend maintenance Issue that makes it difficult to maintain the software or to upgrade installations post-release. labels Jun 3, 2025

Merge branch 'master' into perm-service-user

2ab3613

hahn-kev reviewed Jun 5, 2025

View reviewed changes

hahn-kev approved these changes Jun 5, 2025

View reviewed changes

imnasnainaec added 2 commits June 5, 2025 09:38

Merge branch 'master' into perm-service-user

515605f

Add non-empty check

9ccfadd

imnasnainaec commented Jun 5, 2025

View reviewed changes

Merge branch 'master' into perm-service-user

1c22da0

imnasnainaec merged commit 954de79 into master Jun 5, 2025
14 of 15 checks passed

imnasnainaec deleted the perm-service-user branch June 5, 2025 13:49

imnasnainaec mentioned this pull request Jun 13, 2025

[Backend > Controllers] Update responses, tests #3815

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[PermissionService] Remove IsCurrentUserAuthorized redundancies#3838